Lead with Knowledge

Learn to secure your PCs from new and unknown hacker attacks.

Free IDC White Paper - Discover Secure File Sharing for the Enterpriseattacks.

Home  //  Article
Print Article    Email Article
Window Manager
Brian Livingston
Now you can rid your system of the Aureate Trojan horse that transmits user info

IN THE PAST FEW WEEKS, you may have heard about a new Trojan horse. It silently installs itself along with ordinary software. It can then send personal data about you via the Internet back to a master server.

This program is known as Aureate. Rumors about it have been overblown, based on misunderstandings about what the software does. But the true nature of the program is bad enough to deserve your attention.

I am revealing (you read it here first) how to rid your systems of Aureate software. It's simple to do. Keep in mind that even strong anti-virus checkers do not yet regard Aureate programs as viruses.

The cure is OptOut, a free, tiny utility. Its author -- Steve Gibson, the developer of the SpinRite disk utility -- has not had a chance to really publicize it. What OptOut does -- and why we need this kind of protection -- is a story worth telling. We will face many more Aureates in the future.

On the surface, Aureate software performs a mundane task: It displays advertising in the form of message windows. The ads are hosted by programs that agree to display them.

This is all explained at the Web site of Aureate's developers. (The company, formerly known as Aureate Media Corp., recently changed its name to Radiate. Its new Web site is End-users can download software from Radiate's Web site.

The advertisements were conceived as a way for software developers to make money: Companies that embed Aureate software into their ordinary programs share ad revenues with Aureate.

The ordinary programs are distributed via the Web, CD-ROM, or other means. When end-users install the ordinary software, they also install Aureate daemon (auto-running) software. The daemon software contacts a Radiate server whenever the user accesses the Internet. Radiate downloads ad files to your disk during your connection. These ads are displayed at some later time to the end-user.

Radiate normally charges advertisers $20 to $25 for every 1,000 people who view an ad. Radiate keeps 40 percent and passes 60 percent to the developer of the host program. However, Radiate can charge as much as $30 per 1,000 people if the ads are "targeted." To target ads, the daemon eventually displays dialog boxes that request personal information. Users can click "cancel," but many fill them in.

Radiate's requested data includes your age, sex, ZIP code, household income, and company size. In its own defense, Radiate says, "We will not collect any personally identifiable information about you [name, address, telephone number, e-mail address] unless you provide it to us voluntarily."

This is a cold comfort. The Windows Registry reveals your name, your company's name, the e-mail address you typed into Internet Explorer as your "reply-to" address, and much more. Radiate spokesman Peter Fuller strongly denies that the company reads or transmits this information. But how would you know?

Steve Gibson says he's found much bigger problems with the daemon software than whether someone is marketing your income.

* None of the daemon-carrying software that Gibson analyzed notifies users before they install the uploading/downloading routines.

* None of the uninstall routines of the programs he examined make any attempt to remove or disable the daemon. Data is transferred by the daemon even when the host software is idle or has been deleted.

* Radiate could easily associate specific profiles with names or credit cards, because Radiate accepts online registration fees for host programs that carry the daemon.

Network experts such as Richard Smith and Network Associates have examined the Radiate software. They say the software isn't collecting any information, other than when and how you use the ad-supported host software. The problem is, how would you know if it were performing any other functions?

Radiate says the Aureate software is already installed on more than 17 million PCs.

Gibson has a complete explanation of the problem at His free utility at completely removes the daemon.

Programmers need to learn that just because we have an Internet connection, they can't use it as they wish. Until that message sinks in, we need utilities such as Gibson's.


Enterprise Applications
Network/System Management

SUBSCRIBE TO:    E-mail Newsletters  InfoWorld Mobile InfoWorld Magazine
Home  //  Article Print Article    Email Article
Back to Top


Download the J.D. Edwards CRM white paper. Visit
Introducing Primus Quick Resolve. Click to download a fact sheet.
Download the J.D. Edwards CRM white paper. Visit
Gateway: Your Reliable IT Provider of Business Technology Solutions
Learn to secure your PCs from new and unknown hacker attacks.

E-mail Newsletters
InfoWorld Mobile
Print Magazine

Web-based training

Copyright 2001 InfoWorld Media Group, Inc.